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(54) System and method for automated network reconfiguration 

(57) A method is disclosed for providing an 
enhanced level of security for sensitive or proprietary 
information associated with information transactions in 
a public network, such as the Internet. In carrying out 
that method, an on-line information transaction is bifur- 
cated between a generalized information access portion 
of such a transaction and an exchange of sensitive user 
information. With such a bifurcation, the generalized 
information access portion of the transaction, which 
generally would constitute the more substantial (in 
terms of network resources) portion of the transaction, 
would be handled via a non-secure network, usually a 
public network such as the Internet. The portion of the 
transaction involving sensitive user information, on the 
other hand, would be handled by a separate secure 
connection, such as a private network, or intranetwork. 
An important characteristic of this bifurcation arrange- 
ment is the provision of a means for automated recon- 
figuration of a user terminal as between accessing the 
Ageneralized information via the non-secure network 
and access to the secure communications network for 
the exchange of sensitive user information. Such an 
automated reconfiguration will be carried out without the 
necessity for any action on the part of the user, and 
indeed will be largely invisible to the user. 
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Description 

FIELD OF THE INVENTION 



This invention is related to the field of data cqmrnunications, and more particularly Jo a method and means for 
establishing an automatic reconfiguration of a user tetrnihaf among alternative tasks P ' r ' ' 



BACKGROUND OF THE INVENTION : r " " 



With the-increasmg 'popularity of personal computers ^lasts&jet^i y§ar$ has come a striking growih in ; 
transaction-oriented computer-to-computer communications (as opposed to°Buj R-d^ such\comput- 
ers). For convenience herein such transaction-oriented bbniputer-tb-C^ w in bei described by the 

shorthand term "information transaction". That^grpwth in the use of compijters^r such in'fo^ has 
unquestionably beiri fueled by 'the existence bf n ah intMktlonal infrastructure such da : fa^orrYmunfca- r 

tions, known as the Internet. And, driven by the burgeoning demand for such inforrfiatidn transa^ ! 
net has itself experienced explosive growth in the amount of traffic handled. 

At least partly in response to that demand, a new level of accessibility to various information sources 1 Was 'recently 
been introduced to the Internet, known as the World Wide Web ('A^W"). The WWW allows a user to access a uni- 
verse of information which corribines bxtraudibf graphics and animation within' aliyperrhedia docurneht:links are con- 
tained within a WWW document whicrvalldw simpl^ : ancl^aiDid acefeWtb related document. U$\rt$ a'kysiem known as 
the HyperText Markup Language ("HTML"), pages of information in the WWW contain pbinters to other' pa'ges, tho^e 
pointers typically being a key word (commohly;Xnown as a'hyperlfnk'word). WHeh a J uier selects one of those key 
words, a hyperlink is created foanbther information layer (whic^ma* be in^the sarrie, 6r a'different information server) 
where typically additional detailVelaled t^^ - 1 1 * v 

In order to facilitate imp]fementatibn : b ! f the WVvW on "the developed for user 

terminals, usually known asWeb Browsers, which provide a user^ith a ^fipniBaf lis^r interface medns : fbr' accessing r 
information on theWeb/and'navigatfng amo^n^infbrmalidh ikyers trTerein; : A c c6mr^only us^ such Web Browser is that " 
provided by NetScape. 4 ^-* 1 •<- v,L " v -" : c? 5<r ~ -* ln ' ' zr ' s ' y — : * " Z: ^'-^-^ ~ > -'--3 : ^ : t .. c- ,_, 

The substantial f growth 5 iri the use of cdmpuler nltworRsl and ^rtibtilafrly 5 the WWW, for such information iransac- 
tions, has predictably led to sighiflb^ m&ium.'Fdr 1 example? with the WWW, 

a user is not only k>le to s acc^ss numerous informatibn soUrces^ ibrne public ahd'some bbmrriercial to 
access "catalogs" of merchandis^^here^individual iterWfromsuch datatog c4Wb¥iaentifiecf ^rid ordered.ind \s able 
to carry out anumber of bankihg ^nd bth§r financial transaSibhs/As'Uill be &viousr sclch cbmWiercial transactions will 
typically ihvoive sensitive and proprietary information,' siich>s cre&f bard numMrs;arid financial infbrmatibri of a user. 
Thus, with the growth of commercial afcii^ 7 , >- ■ - 

It is well known that there are persons with"a r hfgh tevil df Sfcilf fri the'combu^ef arts; c^mrnbnly knoWas "habkers"; 
who have both the Ability and theWilllb intercept 6omn^d^ibn^via the Internet: Such pe/sohs ar%; thereby T able to " 
gain unauthorized access 4 to various sensitive' Wer (hWrfia^ such 
information: ^ «r. z » „ ,*v , 1 OL ^ svsc-d & ' -v 'iii "A smj^ .> — . 

The vulnerability of su^ Internet is' a phenomena 

which has only recently received wide public'attentibn, Qnless r such s^bunt/ddncerris'bah be quickly aSdr^sed' and 
alleviated, the commercial development of this new ^ bommunicati^ or even stalfed altogether. 



SUMMARY OF THE INVENTION 



: to ; w . j\ 



AccbrdihglyMt is an object of the ihventiortto prd^ide^rra^ security fbr sensitive or proprietary infbf- 11 " 

mation associated with information transactions ^irra piiblicnetworki such' as the Internet, fhafobject tSTeali'zea through : 
an arrangement whereby an oh-iihe ■information* tr^nsacforr fs : bV6rcated between 'tf generalized informatTon^'adcess^ 
portion of ■such a transaction and ah exchange of Wnsiiivf such a bifurcation ; the generalized ' * 

informatioh-access^ portion bf the transaction, which^genef^ terms of'riet- 

work resourcesj-portion of the transaction would be handled" via a non-secure network? usually' a'public rietwbrk such 
as the Infernet/f he portion d? the transaction involving sensitive user ihfdfifiatibn, bn^the^ther hand, would be h^ndl^d ; 
by a separate secure connection, such as a private network, or intranetwdrkrAri : ifnpbrtaht charactenitic of this bifurca- 
tion arrangement' is the provisioh of a means for automated reconfigiiratiorr of a user 1 terminal as between accessing 
the generalized information via the non-secure netwbrk%nd access to the secure communications network for the 
exchange of sensitive user'information. Such an autdm'ated reconfiguration will be carried out without the necessity for 
any action on the part of the user; and indeed" will be largely invisible to the user. In a further embodiment of the inven- 
tion, a transfer of data is provided from a public to a private network, wherein dataVefected by a user from a public net- 
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work site may be arranged and displayed at a user terminal and, subject to further user selection/confirmation activity, 
thereafter transferred to a private network. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 depicts an illustrative 'case bfijijoj^ apublic network such as the Internet. ■ 

Figure 2 shows the architecture of a browser as would typically be applied for accessing a hypermedia web page. 
Figure 3 illustrates the primary elements of the reconfigurable dual-path method of the, invention,^)- r, 
Figure 4 depicts in flow chart form the basic jump capability of the methodology of the invention. 

w Figures 5A & 5B (generally designated cpl^gtjy^ly heufiia as gPjflWJfftS-) 'QGWfofi itoy^Cjjart forrn ^"shopping 
cart" capability of the methodq1pgy„ot.th£ ... : > z) ^^r.jnv—j cjck ^: v.- vt'-r.^c >:!'■-.•• * - 

Figure : 6A & 6B teeqer^ '"J?vv. ^J^W^f * 0 ^- co - nfig " : 

uration capability of the.meth^ i0 .* :ife -. : , 5 ; -cm^-;-^ ;r.-.- ■ 

Figure 7A&JB (g9n«ahy£^ °t¥?^ ,or .. m :r 

is capability'of.^ c ^I^rn^r. o -.aI smt y 3 nr a -o .c.-A .i^nsm f — -v.- . 

DETAILED pESCf3iPT|PN : _ >A : ^ t , ; ? t . ,.- - b i* c! ni , , 

For clarity of explanafipn, lr\e iflustrative emt^imeot of t^pr^seji^i^entiph is presented.as cprppr^ing individual 
20 functional b^cks'Trie fun^ prpyidecL%6ugh the ; useof eifh§r. ^redpr dedicated . 

hardware JncV^ /« - rr ■ ?: . r , , ri ,. e: } j - 

Figure fdeplctS an^Fu^ative^case ptjnfor matibri fr^nsactibns j^rrj^'pu|yia r the Int^raet. A? seep, in the figure,., 
an exenplary'usW'^ ^tjemet by -fir& cgnn.i^rng", yja^a JerminaM,1 0.h^vi^an.^ssociated Browser 

1 1 1 . to an Internet Service Provider 1 12 selected by the"u£,er user, and the Internet Serv- 

es ice Provider wjlljtypipally be made via tbe^Public.S^ associated with 

the user's Terminal to^ network p'^ , :L. , v \ 

Once'th? user haso|tainjed access tp'th^ select ap^ddress i^rqy^edfpr connection 

to another user or other termination site and such a connection is made via the Internet to that destinatioaJocation. As 
can be seen from the figure, communication via the. Internet may b.e either. u? : er-to-user, ( as frQrnTerminaj r J 1 10 to Termk 
30 nal 130, or from a user to a node representing ah ir^ormation souccea^es Public Site. 1 20. 

It will of course Jbe understood Jhat'.tfiejntern a large ; number^o( users aqd inglude$,a, large, 

number of "such Public ^it^s,, but, the .illustration provides theiesV^tiaUde^ ; Qf th^ co^mumcatio established for ■ - 

such Internet communication JJt ; y«ill aisa bj^un^ service edifications; are. supported, by .^he,. 

Internet, with the World. Wide ; Web^s.e^ represents a pfeferc^,^ network aspect of,. 

35 the method bHhe iriyegt^ , ■■. - ,:■ . ; v. 

The Web Brpwserfsucjp asjdepjcted at fil,ian.be^ oper^ting.in conjunction wjtha 

user terminal (sucrV as Terr^ paFtisyjIa&func: . 

tionalitypf. the WW'VV! inform^ of ^uch^fcirowsfir is^geperaHy described in. terms of three-main . 

components, as'i'llustratedTn Figure 2. AUhe top fevel is the Brbwser201 , which enables the acquisition of information 
40 pages from a, WWW servecXbeginnipg, in all cases, with Jhe./'home page" for .that server), for display at a display device 
associatkfwitf^he;^ Browser^also provides theK^ for the ter^inalwith the HTML func- 

tionality used byjfre' server to'provide access to, other Hn ; ked^ - - . ■ -! 

The second level of the browser architecture is the TCP/IP Stack 202, which handles the communications protocols 
used for connecting the terminal to the WWW server. The bottom level of this architecture is the dialer 203, : which typ-.- 
45 ically handles the function of providing dialing and setup digits to a modem, as illustrated at 204, such a modem gener- 
ally being a part of theterrninal.jNojmally. upon receiving^dialing^rjd,^ the.modem 
would cause a.connection toVe made via the PSTN.to,.th^ interp§t : Servi^ for thatjerminal,,:, v . : .._ . 

Aftej;^ coclnecti \ph is' established Jn t^jis .manner to»the" ( lnterp an ^address , wquldjbe prpvidedJor 

the WWW information sought to be/cpntac^ed r ajcor^ through-the internet,. and the home. 

so page for thatnode causjed to be displayed at .the terpninars (^isp)ay ; .d^yjce. A user.wouldlh^aselect a .key^wqcd.i^that . 
home page,.typicaiiy.by',clic.kjng on the word with. a mouse or,s^rniLar device,.and, uponaransmissiQn.ofJhat selectio^ 
signal to.the'.WWW server, a hyperlink would be.created to theJinkedJaformation layer and the open pagejOf^hat, layer 
would be caused to be djsplayed.at the user terminal. v .- ^ r f . v i: , v ^, ■ v - .- ■< ^ ; r>-h->. :• . r.:^'.:*:. ■ 
As explained above, serious questions have been raised in respect to.tr^e security of pp^municationsi via the.public 
55 Internet. (Note, that the discussion herein is focused on.the Jnternet.and particularly the WWW functionality ofthe Inter- 
net, as a preferred embodiment of such. public data communication networks generally, but the^methodolpay of the 
invention will be applicable to any such network.) To address this problem, the methodology of the invention begins with 
a bifurcation of the information transaction between a user andjhe selected, information transaction provider into a por- 
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tion related to sensitive or proprietary user information, and other information comprising that transaction. With such a 
bifurcation, it becomes possible to provide substantia! security forfhat proprietary information by use of an alternative 
communications path for that separated portion of the* transaction via a* private Network," or ihtranetwork - Le), a con- 
nection between a user's terminal and a secure servrng node on thafprivate network.- It' is anticipated that a coordina- 
tion means will be established in respect to the management of informatiofTamohg the public and private network 
elements of the bifurcated information transactions- ••. c ;v» -\~ z .• r. o- : '-v. ; w ..:>' \ - ~- . 

,n its ^slc form - this methodology may be carried out by the user terminal initiating a call via the 'internet to a 
selected WWW node; -and,upon. establishing: connection^© toathode, proceeding with the desired information transac- 
tion up to thejpoint where. an exchange of sensitive.or proprietary information-were required. At that point the user ter- 
minal would be instructed by the WWW server to .terminate4hat connection (/re.vhangup) and to place a new call to an 
identified private^network servecfor-the necessary exchange' of- sensitive informations - > --- - * r 

However, jn order to accomplish such a-duai>path4ransaction f it is necessar^that the browser at the user terminal 
be reconfigured to~ provide ^the dialing, .authorizations (te.;4ogih arid-f^ 'information for 

accessing the alternative private network, in order to implement the proprietary portion of the transaction. It will also 
usually be the case that, upon completion of that private-network transaction, the original dialer, stadcarid brows'ePcoh- 1 
figurations will need to be restored, in order for the terminal to retain its normal Internet access functionality. Such a 
reconfiguration and.subsequent restoral of the necessary parameters in the brow's-errstack and dialer is likely to be well 
beyond the capabilities of the average user..^ -r-.H-.y r,.\ \-v-; .* >.; J-c- : 9^ -l . y.&i- < • ■ . •■- 

Accordingly, as a further embodiment of the inventive methodology, an 'automated browser reconfiguration means 
is provided which interoperates with the browser. This browser reconfiguration means is described in detail hereafter 
and will be referred to as the "Bridging Software". 0 

Figure 3 provides an illustration of the primary elements of the reconfigurable dual-path method of the invention. 
As seen in the figure,, a first path::comparable)to the Internet" link'shown' in Figure -1, between User -Terminal 301 and 
WWW Serving. Node 330. (via. Browser 302, .Mbdem-303;-!nternet-Service" Provider 31 Of and Internet 320) : is^provided. 
However, an alternative path.is>now ; -provided from the output of Modem 303 to Private Server 350. That path is iiius-" 
trated as being via theFSTNbWhich .is generally regarded.as:being highly secure --but an 'alternative dedicated or other * 
more-secure path bstweoatherUseDTerminal 301 and thePrivate Server 350'couid as well be -provided:- In Keeping with 
the discussion above. Browser 302 shown in Figure 3 woulcP&Isc include the Bridging Software ^installed as a helper 
application for implemertingihe autom . . .t -r 

In the operation of this system, a uSerwould normally make an initial connection to an Internet application, such as 
the application represented^ WWW Serving Node 330, : which, e;0., might be a^shoppingrapplicatibn; a financial trans- 
action, or the provision of anrenrollment:form!forxff-line preparafonvAfter conductirig^all.-br some portion of an infor- 
mation transaction short, of an exchange of Sensiiive^or proprietary information.'including -a capture by the user's 
terminal of needed, information^from .the- public site,;a user provides^ signal indicative of an^end to that portion of that 
transaction. During the course of the public portion of the information transactibnrspecially'configured^files are sent 
from the, WWW serving node to^the Bridging Software associated .with? Browser 302. Such files contain Instructions for 
the Bridging. Software to store, information -like products >r\o.g,? v for selected items from a catalog/forms for enrollment, 
or non-secure portions of a financial transaction; and i.econfiguntion information .foridialing^nd loggirigMnto the private 
portion of the transaction. The Bridging ..Software, then 'Jiangs- :up the Internet .connection, edits the- user terminal's 
browser, stack and dialer files to reconfigure the terminal to connect to the private server. Prior to automatic redialing- 
of the new private site for the user ; \the Bridging. Software imay^be instructedvby-the application operating at WWW 
Server Node 3.30 to display items chosenfor purchaser or to. display aform for the-end-user to complete off -tine before - 
dialing the priyate^application. Upon connecting -.to .the private application: and completing the transaction -as to-the-user 
sensitive information in a private environment; the Bridging Software then restores the end-user software to the dialing 
and authorization parameters required to-dialio the. public Jnternet^ui, ~ rr : ^ - -v - *t v «. 

A particularly advantageous^application ofitho automated, reconfiguration and information transfer methodology of 
the Bridging Software is that it adds value to certain WWW servers which do not possess the Common Gateway inter- v 
face ("CGI") capability ~ i.e., a provision of specialized functions on the server beyond just displaying HTML files, and 
are accordingly unable to accomplish any transactional processing in respect to items selected by a user. In effect, such - 
a non-CGI server, on its own, can only serve as a "billboard" for the items represented in its database."' ' 

However, with the collection and redelivery process of the Bridging Software, a data capture and processing mech- 
anism can be implemented for servers operating in a non-CGI environment -- such servers being incapable of more 
than the simple. delivery of static data packets corresponding to available items. The data set enabled by the Bridging 
Software is a mechanism, for augmenting .such JrmLted-sefver .capabilities;^. defining a flexible.mechanism-for the:- 
receipt, display, and delivery of arbitrary data from one site, to another. . ^ t .. - w •:. - 

In such a scenario, the Bridging Software receives a "shopping cart" item list from the host as a data-set defined 
with a static MIME data packet associated with the Bridging Software. This information comprising the data-set may be 
updated, displayed to the user in a "read-only" fashion, or presented to the user for order selection. 
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During.the process of interacting with the WWW server, 3 us.er.nnay trigger HTML-Jinks resulting in additional MIME 
packets for.the, Bringing Software being delivered tQ therctfceot ;fhese packets allow items to be added and/or removed 
from the specified dat^e^qV pr^t^nt^^^ user wMI interact with a pop-up screen 

provided by the Bridging Software wbjch prp^ientedtfiejterns available with product.-information, such as partnumber, 

5 description, unit cost, etc. The usendentifie*yh|©se Jtems-which are to-.be placed into the "shopping cart" and the quan- 
tity of items desired. Upon completion of the form, the Bridging Software stores .the -order in a format suitable for sub- 
sequent delivery to the private server site v ; £ ,.. rno ; . c . :>s< r- ; ^ .. ■ • -~ 'j " . - ■ " •"■ 
An additional feature provided by the rnetJnp0ptogy.Qf the. Bridging Software isan automated mechanism for provid- 
ing compatibility with user terminals notprevipusly^having. the. Bridging Software, included. with the terminal's browser. 

io To that end,- the Bridging Software located atiarvace^edipubljc-network siteunitfally.checKsUo-seeif the"t>rowser coun- 
terpart for that software is loaded at the calj^^^erterminabclftyes^thef heretofore described. processes of the Bridging * 
Software go forward. If not howeveHva.requ!&£t^ download the Bridging'Softwafe to the 

calling terminal. After such a down!o£d,-a h^lp^.applicationHoads th^ Bridging Software to theterminal's browser.. '■"*• 

is I. Illustrative Embodiments^ , S j S i 0 srl: -o.ver- vj^r e;r -iic :b>v 1 -j ^cn^-uTioo i*>j:. z.*:- s 

TJ v ^-our-iot oc/iv::-ir -t n ! isnnor rr r..-f c? Isr. ^ -*v ..-"^o.^-.- • • Sr.- o • 

A variety of- browser rewnfigurati^applicattpna are.suppottecj bytthe automated browser reconfiguration means 
of the invention. Four essentially diverse capabilities of this invention, which supportisueh applications, are described 
hereafter as,illustrative embodiments of the .invention, sr. '.-be *:^-r --vir-c * i -3-' v *^.-iro^ - 

A. Basic Jump Capabilities * . c-r..t L»-3* - ' .- ■ ..- 

In this^onfiguration/which is illustrated in flpw chart for/n in!Figure 4, an end-User is connected to a chosen WWW 
serving node (where a desired inforrnation product1s;maderavailable) ViaCa modern and arrlntefhet browser associated 

2$ with the user's terminal, (Step 401-0] Figure-4). After ; conducting an information transactiofivvitrf the selected WWW- 
serving node for someintecval. (de^rminedjin relation:tO:thespeaficlappHeation accessed); :the<u£ter clicks on a hyper- 
text link, or picture.to.begin an automated process; which will cause"thatipubiid session to be terminated and a new con- 
nection established, tp^an alternate private .data network (Step 402 Jlc.v n;-." ~» f«-^ f * r >'*Z - ^ — 
In response to that user action, a data message containirigjrJarametercreGonfiguration instructions is passed from 

30 the WWW server application jo the Bridging Software at the.-user:s't€frminal (Step 403). Upon receiving such instruc- 
tions, the Bridging -Software edits^the user's mmline communications software parameters,* reconfiguring that software 
to dial the alternate data, network (Step^404) t bThis reconfjguEatior* is fiiily -automatic 1 ^nd. transparent to the user r 'and 
includes-parameters.such,aSlmociemdia^ number;- login.xpassworcl, and TCP/IP addresses. At that point; the Bridging ; 
Software causes the n^odernte disconnect the current data network connection, shotting dowhthe browser, ancHo then 

35 dial the alternate privaterdata network (Step 405). r.:..u 'O.isrrnoiH.' n >t :> '■ "• ' " ■ " ' ' 

With the establishment of a connectiorj t<3 the private: secy^fcba^be afterdate data network, the user interacts .with^ 
the alternate data.network ^pplication^as. appropriate. (Step 406& and^after'anMnterval^cCfmpietes his activity withahe 
alternate data network and-jjirovides an indication- of such complejibrr(Steps407)t: : Arclata mfessagecontaining 'parame-* 
ter reconfiguratipn instructions .i$ thea passed Jrom. the- alt^cn^teidataF* network" application to the Bridging Software 

40 (Step 408), i: |\. , 1 ^r-:\ •••^oonr^DOi ^-ii'P":. ~ - -• " '•■•^ 

At that point.-.tbe B/idging Software again edits the userfe\on^liRec^mijriicatiori^ software parameters- reconfig- 
uring them-to dial tfre-original.publie.data network, or another preselected network*(Step 409)."As with the first-recon- 
figuration,, this configuration's automatic and- includes' parameters: such as. l mbdem dia^nuniber, login, ^password, and 
TCP/IP a?idre$.s.es: The Bridging Software automaticallycause6lhex;urxenfprivate data network to ^be disconnected by 

45 the modem (Step 410), and if appropriate, causes the origiaal -public-data:'n , etwork" ; tc> beredraled^(Step^411). When 
such a reearxnection to the public rtata network is establlshed^^h^f*d'>wser w<)urd then continue his application iriftie 
public data network: *; ■ :^ v & i?c vV>VvV .i sti~' ^ ; ';~v i."»v:i« * •. 



B. Shopping Can" Capability 



With this configuration, illustrated in* flow chart form in.Figure-S^a^user begirts by -establishing a connection to a 
WWW application (assuming for the moment that the application is nomGGI^enabled) at a serving* node for that appli- 
55 cation, using the Internet browser and modem associated with the User's terminal (Step 501 of Figure 5). Upon finding 
an item in that application to be saved, or remembered for later consideration, or purchase, the user clicks on a hyper- 
text link, or picture, representing that item (Step 502). That application tfien-sends a data message to the Bridging Soft- 
ware containing information about the items selected (Step 503) and such information is stored by the Bridging Soft- 
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ware in the "shopping cart" file in the user's terminal (Step 504): Such selection download and storage steps (Lei, steps 
502, 503 & 504) are repeated for as many items as the user chooses to select. At any point after the Bridging Software " 
has received the first set of item selection information, the user can instruct the Bridging Software to cause those 
selected items about which such information has been received to be displayed locally (at the users terminal), where 

5 the user may review or edit (including deletion if desired) the collection of items theretofore selected. The application 
may also control display character istics such as color rand fontfor such locally displayeditems/Note that in the case of 
a CGI-enabled application, tha application itself will keep track of the items Selected by the user and only download the 
totality of the selected items at the end of thetsetection process.vand accordingly.vthe described local display option will 
not be applicable to such a CGt-enabled application^: \y- - - T - - ■* -e- -w^ ^v. <h ^ . /* 
w At the point of completion of his "shopping*', the-uSerllicRs oh a Hyper^te^'HhWbr'picture to "check out" (Step 505), 
which will begin a process of causing a jump -to an alterhate datt neiwork-for^e'eotffpletionbf sensitive portions of the 
transaction. To that end, a-data message "containihg-p^rarneter is passed from the WWW 

application to" the Bridging^Software' (Step506)? rtU^^6 i be 1 h6ted*t'hatV as^^ecurfty-m^ure, infdrmatibn such as the 
new dial number/IP address, home page, ? configurati6n daSafe^; rdgin;-p&^wbr<3f; : DNS address) may be' passed over 

is the public netwonVin encYypt^^orrh: ,n; ^^ r'P-*\7iO? ofr.cn- \.i 3 2x1 -tV: r rv- ^ o&-r, ,v - 

Upon"recei*ving"such recbnf iguration 'i'nstr udions/ th'e^ridgfhg ^Sbffrw^ on-line -communications : 

software parameters, reconfiguring that' software ttf diihtha alternate data network (Step 5G7)rThis reconfiguration is 
fully automatic and transparent to the user, and includes parameters such as modem diahnumb'efr; login; password, and 1 
TCP/IP addresses^ At that point- the Bridging Software causes the modem to tfiscbnnecMhe current data network con- 

20 nection, shutting down the browser, -and to then dial the altWnatedata rtetwork (Step 508)V"- ■--"'^■ rif '-i - - * 
The Bridging Software passes the" stored "shopping cart" data captured from the WWW application to the alternate 
network, application (Step 509), where that data-may be'drsplayed-fbr-the user/ permitting the user to confirm arid/or 
modify the data (Step 510).-The user interkcts with the alterhate dafa network Application as appropriate, and'after an 
interval completes his activity with the alternate data network (Step 51 1 ) and thus, by providing an- appropriate comple- 

25 Won signal to the application; completing the* private v pbrtioffOf "frfe information transaction (Step 512). A datcf message 
containing parameter reconfiguration instructions 1 iisnfte^^^ the alternate "d^a^network' application to 'the 

Bridging Software 5 (Step 51 3):$- z^s^u ?™ '--e^ujai^ -^ee* ;?--ot w. ^nt < Kl t , t 3 - Jr " ~-. f t- f ;-* *v. ^ 

The Bridging. Softwares at'this point again edits 'th& usSfs^ 
uring them to diaMhe original *(or -anothe^pre^eifinedy^ata'h^lWbrk-^Step 514). As with the first reconfiguration, this "• 

30 configuration fs'automatic^ncT-iridudfe'svparametfers r sUchr*as' Thddem "dial number, ^login; password;'" 'arid TCP/IP 
addresses. The Bridging' Software 1 aufomatically-cTauSes th~e cu?i*ent private data network tb be disconnected by -the 
modem (Step 515), and if appropriate, causes the original public data*network tb'be^edialed (Step 516): When such a 
reconnection is. established to thetpoirit ih 'the" f pub1iC'*data'nefwctfk^where th"e user had left r off- to^handie'the secured 
aspects of hisihformatioh 'transaction; the use? would thish 'cbht1hfje i; his application dffthfc public data networks- = 

35 : " ■ - ' r. \ ' r t - ' -jz- "r „v r.'zfi-^'^ n-snj ieeu ^, 7 q •» o»A rt «— *• >.far- -.. v -v *. ^ •« • 

C. Stored Configuration Capabilities^ ' : u^^htr i mowJs^ 1 ^fsr/o:* so; o: 1.^0 r-u ! ;n:;,; [ti\ t\cA6] 

For this configuration; depictedln flow chart form inTFigifrfe^an^end-usfer Is scbrtftected to a chosen, WWW serving 
node (where a desired information product is made available)- via a'rriodemand an Internet browser associated with the 

40 user's terminal (Step 601 of Figure 6). The user selects a hypertext link or picture associated with the WWW application 
by clicking on such link or picture (Step 602). A data message containing parameter reconfiguration instructions' and an 
application icon (related to the selected hypertext link or picture) is passed from the WWW application to the Bridging 
Software (Step 603). ^ ^ : >-n>-;J< .v., <c y^r'^u-xz z^mor^s ■- ; -1 iv. - ; r y . - .-;.:;. f . 4 r— r, ..^-.v- 
The Bridging-Software-creates an icon for display- at the user's terminal; and'saves a Bridging Software configura-. 

45 tion file that is associated with that icon (Step 604).*fSuch i eridging Software actions are automatiaand. multiple select- - 
tions may he captured in this .manner:' At this point the userrrtey continue.the on-line session^or,- if all desired selections 
have been made, a signal is provided fromlhe usehttaaHhe session.shouId be discontinued (Step 605)/The Bridging-' 
Software then automatically disconnects the current data networteconnection (Step 606).- ^ v . c- >:h* r *c ; *■ 1 
After disconnecting from the WWW 'application? and following an interval determined'by the user. r a new application 1 

so is selected by the-user by clicking.on the appropriate new icon tfrsplayed atthe user's terminal (Step 607); The Bridging 
Software receives the reconfiguration- instructions from tire file Associated* with the selected icon (Step 608)/ r \ 
The Bridging Software edits the user's on-line communications software parameters, reconfiguring that software to 
dial the alternate data network (Step 609). The Bridging Software then'automatically starts the user's internet browser ' 
software and causes the alternatevnetwork application lo.bedialed by the modem associated with that terminal (Step 

55 610). Upon establishing a connection to the alternate network, the user interacts with that application and completes 
the transaction to the user's satisfaction (Step 611). After a signal is sentto the alternate network indicating such com- 
pletion of the user's activity (Step 612), a data message containing parameter reconfiguration instructions is passed 
from the alternate data network application to the Bridging Software (Step 613). That Software then causes the user's 
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terminal configuration parameters to be reset (Step 61 4) -and .the, alternate data -network to be automatically discon- . 
nected (Step 615). : : \., :• y raooro - . ■ • .; ~ ~- -. , • ' ... 

D. Off-Line Form Capability - osy.sJj^L .*. : ; . : : / - v - • ■ *~ * 

5 ..... . •■- ... : *. • V- a r,i sav-st- !: . . • . - . .. : 

In this configuration, depicted in lflow -charJ form in. Figure 7, an .end-user is connected to a chosen WWW serving • 
node (where a desired information product ismade available) via a modem and an Internet browser associated with the . 
user's terminal (Step 701 of Figure 7). The usecselects a hypertext linljt.or picture associated with an off-line form appli- . 1 
cation -- an exemplary such form being an HTML-based form - by clicking bn.such link or picture (Step 702)::Adata - • 

io message containing parameter reconfiguration instructions for the. Bridging'Software,, the. selected off-linerform-appJi- : 
cation, and an optional. icon (related ; to: f thej§ejected hypertextjinj^or picture): is passed from the ;WWW application to 
the Bridging Software (Step 703).;WpteMthat;the_selected off-line torm.may be for either single o^jrjultiple use.- 

In the case of a delayed or. multiple use-oUheisel^cted'for^ 
at the userjs terminal, and wi.lLsava^^Bridaing^Softwa^ configuration file that is associated wjth th^tJcpn (Step 704). . , 

is The form in question is also saved on the user's terminal. Such Bridging Software actions ar.e»autoroatic. At this point 
the user may continue the .pn-ljne session^orvif-all desired-selections have . been made, .a signakts provided .from the 
user that the session should be discontinued (Step 705). The Bridging Software then automatic^Uy^Jisgpnnects thp cur-- . 
rent data network connection <Sjep 706). n w - -r- J . * -•■ .v- i. •-=;•: ' ~- . % ^ ■->, * 

After disconnecting from the, W WW application, two cases are to be considered as to the further processing of the 

20 selected form: (1) an immediate single use of the form arid, (2);either a delayed or multipleiuse of the forrnjJa.the first- ■ 
case, the Bridging Sqftwareedits. the* user's on : !ine communications software parameters; reconfiguring that software 
to dial the alternate data-network. The Bridging- Software Jfoen automatjca%-starts the user's Jntern^tbrowser software 
which is caused to display-the off-line form. The user then completes the off-line form : and chooses :a "Submit Form" 
button displayed at his-terminal. -■,»,-.,* -r 1 r.^' 'r^^ir-^'-^' "r,:- :~ c.ms * r :' vjivitr^ r 

25 In the second case, the Bridging Software-v;ill have?created,an, icon- for display at the^user-s terminal-and saved a . ■ 
Bridging Software conf figuration. file associated.with that tcoa,:Following an interval deter minjed. by iths, user, -the off-line- . 
form application is started by the user by clicking on the new form icon displayed at the user's termina^Step 707). The 
Bridging. Software. receives the reconfiguration instructions from the tile associated with the selected icorv (Step 708). - . . ' 
The Bridging Software edits the user's on-Jine communications-software parameters, .reconfiguring thatso.ftware to 

30 dial the alternate data.netwprk (Step 709); The Bridging:Software-then automatical ly-starte the user's Internet browser 
software which is caused to display the off-line form .(Step. 710) ..The u§erjhen completes the off-line form and chooseS: C \ 
a "Submit Form'\button-displayed.at his terminal ■ 1 (Step;71 J 1)> di*.*;'; \^rj\\o vr'* ?•—•..,:>- *~z'- '^q^ <. * . : - :r/« 

In either the first or second-case; following activation of the,;SubrnihForm jbutton, the alternate network application -.r 
is then caused tobe dialed by the£ridging Software.-Upon. establishing a conneciionbtG the alternate network, the forrnv,o 

35 data is passed to the alternate network (Step 712). The user then interacts with that application and completes the 
application (Step 713). After a signal is sent to the alternate network indicating such completion of the user's activity- 
(Step 71 4),a data message containing parameter reconfiguration instructions is passed from the alternate data network 
application to the Bridging Software -(Step 71 5) ."That Softwars4hen r causes;the user's terminal configuration parame- . * 
ters to be reset (Step 716) and the alternate data network to be automatically disconnected (Step 717).-»-.. t . ■ • ^ v - -h * 

<o . „.>\\.^: v . : -w. ... ..^j..--. ? ; :/s.* r^: ..- •• * * ; ' 

CONCLUSION f : vw: x ^vv v . v o :i vws -y^zs A fO^C-^r-j' ^. . . . 

A system and method has been described for the automatic switching of an information transaction between two - 
or more alternate networks.^This functionality, which incorporates -a reconfiguration means designated herein as the 
45 Bridging Software, supports the movement of application speci(ic data.from;one on-line environment to another. . Among 
potential applications otfthiS:process for-passing..data between differ.entenvironments are; selected items for purchase ■ 
("shopping xart;);.-captared dat& from forms, and other^erver captunecldBta.such. t as web pages- visited. A - * ■: 

The Bridging Software reconfiguration'.means.isriErtendedi to, worfcwith various Web Browser, software implementar r 
tions, including the NetscapePersonarEdition (NPE)^Softwar§ fot7-Windows;3;Vand^3.-M;and which represents^ work- : 
so ing embodiment ior the invention. The Bridging . Software- installs : itself as a helper; application within: the -browser - 
application and utilizes aspeciahMIME type configuration file 1o. pass reconfiguration and ^'shopping cart" information 
from the server to the client software. . '.-v: j f i i>- , /.?uv; jiwrv^ <■.-•*.- ; --r -v.^ - - /:.••« „c< - 

When an appiicatton requires a user to reconnect to a private'applicatibn, a reconfiguration file is passed- to the 
Bridging Software helper application .via a CGI -script v or. simple hypertext . link., .The helper application.disconnects the 
55 current data connection, reconfigures the. dial. parameters (dial #. login password. DNS address, and home page) and 
initiates the dial program so the end-user can. access the private application.: ■ * . - - 

When the end-user connects to .the private application, the Bridging. Software reconfiguration means provides the 
new "private server" application with data collected from the "public server", and the application resumes in a private, ! 
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secure environment. ; - 

The Bridging Software allows both" short term and long tefrn storage of dial configurations. Configuratidris passed 
to the Bridging Software can be designated as single use configurations and discarded after the application has termi- 
nated. or saved and displayed to the end-user as a dial choice by the Bridging Software. 

Although the present embodiment of the invention has "been described IrV detail; it should be understood that vari- 
ous changes, alterations and substitutions can be made therein Without dep^rtuig'frdm the s'pirit and scope of the inven- 
tion as defined by the appended claims. In particular, it is noted that, while the invention has been primarily described 
in terms of a preferred embodiment based on an automatic'reconfiguration between a public and a private data net- 
work, any the methodology of the invention will be equally applicable to any set of afterriaWnetworks. 

Claims'-" - ' ^ ' V.; - ; . it *v - ? «v f .,- .-if - ::a I- n- z yj Vj f:o!iC^r^ ' f , - ■■• 

1 . A method for managing a transaction via a communications gath between a terminal device and a serving node in 
adata nefwdrk, said method comprising' the sfepsbf:' *= : ^ ' c - * c -° — ' r - v ^f,v-- 

establishing an initial communications path via a first connection between said terminal device and a serving 
node : iri a first data' network^ ■ ' ^■•■ = - r h !VV r - :: : ]( 1 ? L' r; ^' 5 -> ■ ' - ' - 

receiving information from said serving ncdein r said'firsfdata : network fdr 'effecting a reconfiguration' of- siaid 
communications path for said transaction from said first connection in said first data network to a second con- 
20 nection \na second data network? and' ' rjc r * r " -'■=•--* ^ v r ; .- >~ r . \ , ■^■• i . t ' ir " 

automatically connecting said terminal da/ice to : a serviriig* node "in laid second datst ne'twork' via said second 
connection. 

2. A method for managing a transaction via a communications path between a terminal device and a serving node in 
25 adata network, said method Comprising the step£ of:^ 1 1 no :z ^' v " ?: ' * - - - jJ - "■ 

establishing an initial communications path via a first connection between said"'fermirial -device and a serving 
node in a first data network; 

selecting at least drie'lnfbrrnation item from* a clata base of saidiriformaiion items provided at said serving node 
30 in said first-data network;^ 1 ^ v^c^'cc * ^ *i« ^.rb. -r^c-v: - 1 \ --.v v 

causing said selected information items to be downloaded to said terminal device via said first connection; 
receiving information^ frorrrsatd s^^ a reconfiguration of said 

communications path-forsaid transaction : fromsSicl f1rst : cbnnection in 'said first- data 1 network to a second con- 
nection in a second data network; and 
35 automatically connecting said terminal device to a serving node in said second data network via said second 

'connection.'^- " — ■ ' -*~~ ! -- *:~\b<-;z'0 O'-hh •iisssnvv £; •*•«.; ;~ ,\>:. » c -r -..j^^. - . 

: -o*v^. .£•{-?• "•,;>:'. 

3. A method for managing a transaction via a communications path between a terminal device and a serving node in 
a data network/ said method compr is rngMhe" steps'bf: : : ~ = ; - r i " ^' ' tr '■*"<:» r *~ *5 o' ^.r .^-n K :\ ;y- : ; 

40 .v*. i- - - i : < Li'-.-, . 

establishing an initial communications path via a first connection between said terminal device and a serving 
"nbd¥ in a first data network; - ^'-''-^^ "> '^>a o.b.: ""^.iv- L - • : • .^r, : : r. c- ^ - 

identifying' at least one data -network applicatioh i: from ; a'dafa'ba^e 6f-said data-network applications ^provided 

at said serving node in said first data network; ; ^ 

45 receiving information from said serving node in said first data network for reconfiguring said terminal device for 

implementation of a communication patfh via^ari^alferbate 1 connection between said terminal device'ahd at least 

one of said identified data network applications in a second data network; and 

in response to a selection signal f rbm-a' : user, ¥tfdml&ti^ to a selected one 

of said identified data network applications via : satd' alter K&ie^eonriSctibn: ( r, -* . f -v-,- - 



50 



A method for managing a transaction via a communications path between a terminal device and a serving node in 
a data network,' said method comprising the" steps of " ffj ' 



establishing an initial communications path via a first connection between said terminal device and a serving 
55 ■ node in a 'first data'netwbrk; 5 - ™ ? - • ^ r ' t ^' • ■ " ■ " . * ■ - . . ^ • " 

selecting an off-line form application from a data base provided at said serving node in said first data network; 
receiving information from said serving node in said first data network for reconfiguring said terminal device for 
implementation of a communication path via a second connection between said terminal device and said 
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selected off-line form application in a second data network; and 

in. response, to,, a. selection signaj.from 3 us§c, automatically connecting said terminal device to said selected 
. off-line form application. i * ^-.3,^ ^<no 9?:; :r-r ~.-t ■ - - ns* * - 

5. The method for managing.a Jransartiop*ptClalm'1. or 2.including the further step, of recognizing a signal to recon- 
figure said communications path fr.qm said first connection to.sai^sepond^connection. . .: . , . ; . r . : 
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15 



6. The method for managing a transactions* Claim 3, wherein said^sejected data network application is-operated at a 
serving node in said second-data network..^ . I5 . ^"vc.r^a .? v^;.v;> v.- ^-v k: in-*/™ • tc> . • •; ; ■ -z 

7. The method for managing a transaction of Claim 4 wherein said selected off-line form application is operated at a 
serving node in said second data network. 

8. The method for managing a transaction of one of the Claims 1.*£ G §J%*4 ^herein, sagi.serviQg^nodesjn said f^rst 
and said second data networks are manifested in a common node. 

9. The method for managing a transaction of cfaim 1 or 2 wherein said step of receiving inforrn^tion includes the fur- 
ther step^of effecting said.reconfiguration.pf s^idxpmmunicatipns path^ n . , N .. .. :r , 



.•■r-~ 'iO'*i 

,5 in./ 1 "d; 



20 1 0. The method for managing a transaction of Claim 1 or 2 wherein said step of automatically connecting includes the 
step of automatically disconnecting said first.connection prior tp jmplergentatipn .of said second connection.-.. r 

11. The method for managing a transaction of Claim 1 or 2 including the further steps of: 



25 automatically disconnecting said second connection in response;taa user signaled-. 1;e .- ? f . - : . 

reconfiguring said terminal device to enable, in response to user instruction, an implementation of a connection 

- via an identified ^ata .network., -^-.v^? r : * r K - A z s<v *£^r v -v^* ^ i^t ->> : ^ .-• 

12. The method for^managing a transaction of .CJaim lA.wherein said.,step^f automatically reconfigunng said-terminal 
30 device includes the step of effecting said implementation of said connection via said identified data network. - i; : . 



1 3. The, method for managing a transaction of Ciaim^^wher^n ssud s^ep^f-caujsinjg^^selected information items to 
be downloaded includes the further step^pf causing saidselect^iptprmaSon items tOi^e.dispJaxedatsajd terminal 
device. oc« v.nj;-: ■* ? ^- ■■' 

14. The method for managing a transaction of Claim 13 wherein said displayed selected items can be edited by a user 
at said terminal device. 

15. The method for managing a transaction of Claim 13 wherein disglay^charajptefist^ said, displayed selected . 
40 items can be controlled at said terminal device. 

16. The method for managing a transaction of Claim 2 wherein said step of automatically connecting includes-the step 
of uplqading^said selected information items fronrsaidiermiral-device^tq^^^ provider- via said.second con- 
nection. .J-ycwivn (-"Jib ''^r? • *: . '. . .^^ * 

17. The method fqr managing a .transaction of Claim 3 including the^furfeer steps of/ iCrir $ x - { \ ; - ' - 

^-automatically disconnecting said altemateponjije^jon^ user signal; s ancj„. T , _ - ... ; - : . 

reconfiguring said terminal device to.enabl&implement^tion.pt a pre-selected connection between said termi- 
50 nal device and an identified data network. 

18. The method for managing a transaction of Claim 17 wherein said step of automatically, reconfiguring said terminal 
device includes the further step of effecting said implementation of said pre-selected connection. 

55 1 9. The method for managing a transaction of Claim 4 including the further step of downloading from said servjng node 
in said first data network to said terminal device of an off-line jornvrelated to said off-line form application. - 

20. The method for managing a transaction of Claim 4 including the further step of uploading said downloaded off-line 
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form from said terminal device to said selected off-line form application, after processing by a user. 

21 . The method for managing a transaction of Claim 4 including the further steps of: 

automatically disconnecting said connection to said selected off-line form application in response to a user sig- 
nal; and 

reconfiguring said terminal device to enable implementation of a pre-selected connection between said termi- 
nal device and an identified data network. ■ ^ - . 

The method for i : 
device includes 1 




upon t^rminatiqn^oi-said info^rnia^OQ-^rce/processor connection via saijd.^fti^ 

automatically repon^iguj^ng^a confiecfibn criteria in said terminal device to eria&tM fd imple- 

ment, in response touse^nstru^ via an alternative one of "said 'c&ixi^rS^or^netWf\^- 

24. The method for managing cdnnections of Claim 23 wherein said recognizing step occurs at a point when said ter- 
minal device is connected to a given source/processor. 

25. The method for managing connections of Claim 23 wherein information items may be selected by a user at said 
terminal device from said given source/processor, and including the further step of causing said selected informa- 
tion items to be downloaded from said source/processor to said terminal device. 

26. The method for managing connections of Claim 25 wherein said step of effecting connection includes the further 
step of uploading said selected information items from said terminal device to said other information source/proc- 
essor. 

■ r ^ '\ * ..: 

27. The method for managing connections of Claim 26 wherein said selected Information items are processed by said 
user at said terminal device prior to uploading to said other information source/processor. 

, _ | ; 

28. The method for managing connections of Claim'-2H irK#ding^fi^f;^r1l%- step of causing said given source/proces- 
sor to download to said terminal device configuration data jpr Enabling said step of effecting connection to said 
other information source/processor. 

29. The method for managing connections of Clairrj 24 including trte-fbrther step of causing said other source/proces- 
sor to download to said terminal device configuratiori'datg-fdr^riabling said step of automatically restoring a prior 
connection criteria in said terminal device. i' u;rA \ i 

30. A method for enhancing security of certain data in an on-line information transaction comprising the steps of: 

bifurcating said information transaction intd^first portion comprising said certain data and a remaining portion, 
wherein said remaining portion is carried out via a public dn' : iin^ communications connection between a termi- 
nal device and a public information server; r 

causing said first portion to be carried out via a secure private on-line communications connection between 
said terminal device and a private information server; and j 

automatically reconfiguring network access rrieans r in said terminardevfee to switch between said public con- 
nection and said private connection. ' J:i ^ x •' 1 >'^"*\J j 
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